Corporations and other institutions have policies in place to mitigate risk of harm and loss to the organization. The policies can range from network security and technology policies, to physical safety and human behavior policies. A policy in place that states that software downloads are forbidden without an administrator approval helps protect the company from unwanted and/or malicious software as well as unforeseen software conflicts. Similarly, a policy that states that bank branches must have a snow removal contract in place helps protect the organization from lawsuits over slips and falls during the winter. Adherence to these policies protect the organizations, but occasionally, there may be a need or desire to provide an exception for one or more policies. Sometimes the decision to grant the exception is a common sense decision, but other times it may be more nuanced, and the person authorized to grant the decision probably will not have all the information required to make the decision.